Navy Qualified Validator for Rite-Silutions, Inc. in Newport, RI (salary not disclosed) STIG
Rite-Solutions, Inc is seeking a Navy Qualified Validator to support on-site at NUWCDIVNPT. You will be responsible for assisting in verifying that all NUWCDIVNPT enterprise and RDT&E networks and systems are in compliance with applicable Security Controls per the Department of the Navy (DON) RMF. The analyst must have a thorough understanding of RMF and basic familiarity with IT/network technologies. Applicants must meet the requirement of U.S. Citizenship, have a SECRET security clearance, and be eligible for a Cybersecurity Workforce (CSWF) IAM level II designation.
Who are we?
Rite-Solutions, Inc. is a growing and innovative CMMI Level III software and systems engineering company. We value the experience of the employee, their wellbeing, and their experience on a personal and professional level as part of the key fabric in building and maintaining an innovative and culture rich experience for the employee and their family. This commitment to our company and our employees has been recognized as we were awarded: Providence Business News "Best Places to Work" for 2021 and 2023; "Great Place to Work" Certification in 2022 and 2023; and Hire VETs Medallion Award in 2021 and 2022!; and Hire VETs Medallion Award in 2021 and 2022!
Job details: This person will support the NUWCDIVNPT Activity Command Information Officer (CIO) and work directly with the Command Information Systems Security Manager (ISSM), serve as a member of the Assess and Authorize (A&A) team, and perform the following:
- Become familiar with the system/site by reviewing the Assessment and Authorization (A&A) System Security Plan for existing systems; identify any issues with the Security Plan and Procedures; execute the Validation Plan and Procedures; review POA&Ms; develop Risk Assessments
- Keep abreast of and provide the team updated information on Navy RMF policies and procedures. Review DoD, DON, NAVSEA CS-related documentation (i.e., RMF Process Guide, DoN Standard Operating Procedures, NAVSEA Business Rules).
- Be comfortable conducting independent security control assessments in accordance with NIST SP 800-53, 800-53A, CNSSI 1253, and the Risk Management Framework (RMF) described in NIST SP 800-37
- Clearly articulate requirements and other information in written documentation such as Security Plan, Contingency Plan, Contingency Plan Test, Business Impact Analysis, etc.
- Provide guidance and training in eMASS to team members
- Demonstrate strong organizational and time-management skills: multitasking, working individually and with a team, having a positive attitude, being self-motivated and reliable, being trustworthy, having strong interpersonal and diplomatic skills, and being able to handle stress in a professional manner
- Position requires U.S. Citizenship and an active DoD security clearance
- Must be a Navy Qualified Validator appointed by the NAVY SCA.
- Must have an 8570.01M IAM/IAT Certificate (Security + at a minimum CAP or CASP /CISSP preferred)
- General National Institute of Standards and Training Special Publications (NIST SPs) knowledge
- Must be able to manage multiple projects at a time
- Minimum 4+ years of professional cybersecurity experience
- Assessment and Authorization (A&A formerly C&A, i.e. RMF and DIACAP respectively)
- Experience with ACAS, STIGViewer, eMASS
- Knowledge and experience with practices and procedures for CMMI Software Development Level 3 or greater is a plusFor more info.: https://hubs.la/Q02hhtnY0